Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/90696
標題: Harn的群體認證協定之延伸
Extending Harn's Group Authentication Protocol
作者: 林顥桐
關鍵字: Group Authentication
Secret Sharing
Group-Oriented Applications
Digital Signature
Elliptic Curve Digital Signature Algorithm
Batch Verification
Revocation
群體認證
秘密分享
群體導向應用
數位簽章
橢圓曲線數位簽章
批次驗證
撤銷
引用: [1] ANSI, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA), ANSI X9.62, 1999. [2] A. Antipa, D. Brown, R. Gallant, R. Lambert, R. Struik, and S. Vanstone: Accelerated Verification of ECDSA Signatures. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 307-318. Springer, Heidelberg, 2006. [3] M. A. C. Bhakti, A. Abdullah, and L.T. Jung: EAP-Based Authentication for Ad Hoc Network. In: Proc. Seminar Nasional Aplikasi Teknologi Informasi(SNATI) Conf., pp. 133-137, 2007. [4] B. Bruhadeshwar, and S. S. Kulkarni: Balancing revocation and storage trade-offs in secure group communication. In: IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 1, pp. 58-73, 2011. [5] P. Caballero-Gil and C. Herna?ndez-Goya: Self-Organized Authentication in Mobile Ad-Hoc Networks. In: J. Comm. and Networks, vol. 11, no. 5, pp. 509-517, 2009. [6] S. Capkun, L. Buttyan, and J.P. Hubaux: Self-Organized Public-Key Management for Mobile Ad Hoc Networks. In: IEEE Trans. Mobile Computing, vol. 2, no. 1, pp. 52-64, 2003. [7] J. H. Cheon, and J. H. Yi: Fast Batch Verification of Multiple Signatures. In: Okamoto, T.,Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 442-457. Springer, Heidelberg, 2007. [8] M. L. Das: Two-factor user authentication in wireless sensor networks. In: IEEE Transactions on Wireless Communications, vol. 8, no. 3, pp. 1086-1090, 2009. [9] W. Diffie, and M. E. Hellman: New directions in cryptography. In: IEEE Transactions, vol. 22, no. 6, pp. 644-654, 1976. [10] L. Harn: Batch verifying multiple RSA digital signatures. In: Electronics Letters, vol. 34, issue. 12, pp. 1219-1220, 1998. [11] L. Harn: Group Authentication. In: IEEE Transactions on Computers, vol. 62, no. 9, pp. 1893-1898, 2013. [12] S. M. Hwang, I. C. Lin, and K. F. Hwang: Cryptanalysis of the batch verifying multiple RSA digital signatures. In: Informatica, vol. 11, no. 1, pp. 15-19, 2000. [13] D. Johnson, A. Menezes, and S. Vanstone: The Elliptic Curve Digital Signature Algorithm (ECDSA). In: International Journal of Information Security, vol.1, issue. 1, pp. 36-63. Springer-Verlag, 2001. [14] S. Karati, A. Das, D. Roychowdhury, B. Bellur, D. Bhattacharya, and A. Iyer: Batch verification of ECDSA signatures. In: Progress in Cryptology AFRICACRYPT 2012, pp. 1-18. Springer, Heidelberg, 2012. [15] D. Naccache, D. M'Ra?hi, S. Vaudenay, and D. Raphaeli: Can DSA be improved? Complexity trade-offs with the digital signature standard. In: Advances in Cryptology EUROCRYPT'94, pp. 77-85. Springer, Heidelberg, 1995. [16] National Institute of Standards and Technology, Digital Signature Standard, FIPS Publication 186, 1994. [17] R. Oppliger, R. Hauser, and D. Basin: SSL/TLS session-aware user authentication. In: Computer, vol. 41, no. 3, pp. 59-65, 2008. [18] A. A. Pirzada, and C. McDonald: Kerberos Assisted Authentication in Mobile Ad-Hoc Networks. In: Proc. 27th Australasian Computer Science Conf. (ACSC), vol. 26, no. 1, pp. 41-46, 2004. [19] R. Rivest, A. Shamir, and L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. In: Communications of the ACM, vol. 21, no 2, pp. 120-126, 1978. [20] P. Sakarindr and N. Ansari: Survey of security services on group communications. In: Information Security, IET, vol. 4, no. 4, pp. 258-272, 2010. [21] A. Shamir: How to Share a Secret. In: Comm. ACM, vol.22, no. 11, pp. 612-613, 1979. [22] S. Vanstone: Responses to NIST's proposal. In: Commun ACM, pp. 50-52, 1992.
摘要: Harn學者提出一種新的群體認證協定,有別於傳統使用者認證協定,屬於一對一的認證方式,此協定的基礎是建立於Shamir's (t, n)秘密分享架構上,並可進行多對多的認證,稱為可多次認證之非同步(t, m, n)群體認證,t為安全性門檻,m、n則分別代表參與者與群組內成員的總數。該方法只需進行一次性的認證,即可判斷參與的使用者是否屬於同個群體,並適用於群體為導向的應用。本文從安全性的角度分析該協定,發現其方法並未討論到當認證失敗,即若有非成員存在時,該如何找出非成員;在本文中提供一個通解,將該協定以加入數位簽章的方式,在認證失敗時,辨識出非成員。以本文為例,使用的是橢圓曲線數位簽章。此外,本文對於該協定也提出兩種新的演算法來進行延伸,分別是使用批次驗證(Batch Verification)改善驗證簽章的方式,也就是增進辨識出非成員的效率,以及新增撤銷(Revocation)的動作,用於紀錄認證失敗被找出的非成員,以及舊成員被撤銷(revoke)時的情況,而這些使用者也將無法再進行群體認證的活動。
URI: http://hdl.handle.net/11455/90696
其他識別: U0005-2811201416180612
文章公開時間: 10000-01-01
Appears in Collections:資訊科學與工程學系所

文件中的檔案:

取得全文請前往華藝線上圖書館



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.